Plugging an electric car into a charger opens a dangerous window for hacking attacks. Attackers can intercept data, steal electricity, run malicious code, or even completely stop charging networks. Cybersecurity researcher Brandon Perry has demonstrated that the charging port and the device itself act as separate network interfaces through which it is possible to penetrate the car’s internal systems or infrastructure.

When charging a Tesla using a modified Linux charger, the researcher discovered that a two-way digital connection, which is not always encrypted, is established between the car and the charger. The traffic carries identifiers such as EVCCID and EVSEID, information about the charge level, MAC addresses, etc.
This data can be used to:
Vulnerabilities were recorded in two popular systems – StEVe CSMS and CitrineOS, which the researcher was able to crash.
Today, electric cars are not only vehicles, but also computing devices with many connection points. Communication protocols between the car and the charger, such as powerline communication (PLC), are poorly protected. Often, TLS is either not used at all or is based on self-signed certificates that are easy to bypass. The charging port itself is a hardware access point: it can be opened physically without signaling, and the necessary debugging equipment is freely available.
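
The two TLS weaknesses named above can be checked on the client side of a charger-to-CSMS link. This is an added example, not code from the researcher, StEVe or CitrineOS; it assumes the charger reaches the CSMS over a WebSocket URL and that self-signed certificates get through because the client skips verification. The host `csms.example.test`, the station id `CP001` and all function names are hypothetical.

```python
import ssl
from urllib.parse import urlsplit

def hardened_context(ca_file=None):
    """Client context that verifies the CSMS certificate chain and hostname."""
    ctx = ssl.create_default_context(cafile=ca_file)  # CERT_REQUIRED, check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

def weak_context():
    """Anti-pattern: accepts any certificate, self-signed or not."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False      # has to be off before verify_mode can be CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def audit_link(url, ctx):
    """Return a list of findings for one charger-to-CSMS link (empty list = OK)."""
    scheme = urlsplit(url).scheme.lower()
    if scheme not in ("wss", "https"):
        # No TLS at all: the context is irrelevant, so stop here.
        return [f"plaintext transport ({scheme})"]
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate chain not verified")
    if not ctx.check_hostname:
        findings.append("hostname not checked")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("TLS versions below 1.2 allowed")
    return findings

if __name__ == "__main__":
    # Constructed sample endpoints; csms.example.test is a placeholder host.
    links = [
        ("ws://csms.example.test/ocpp/CP001", None),
        ("wss://csms.example.test/ocpp/CP001", weak_context()),
        ("wss://csms.example.test/ocpp/CP001", hardened_context()),
    ]
    for url, ctx in links:
        print(url, "->", audit_link(url, ctx) or "ok")
```
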
The charging infrastructure for electric cars turned out to be critically unprotected. Traffic interception, spoofing, DoS on CSMS, SSH access over a cable: all of this became possible because the network layer of charging was underestimated. In the context of the rapid electrification of transport and the expansion of the “smart” charging network, securing EV communications should become the #1 priority for manufacturers, CSMS developers and public station owners.